Debian Security Advisory
DLA-691-1 libxml2 -- LTS security update
- Date Reported:
- 31 Oct 2016
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2016-4658, CVE-2016-5131.
- More information:
Namespace nodes must be copied to avoid use-after-free errors. But they don't necessarily have a physical representation in a document, so simply disallow them in XPointer ranges.
The old code would invoke the broken xmlXPtrRangeToFunction. range-to isn't really a function but a special kind of location step. Remove this function and always handle range-to in the XPath code. The old xmlXPtrRangeToFunction could also be abused to trigger a use-after-free error with the potential for remote code execution.
For Debian 7
Wheezy, these problems have been fixed in version 2.8.0+dfsg1-7+wheezy7.
We recommend that you upgrade your libxml2 packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS